Hacks, data leaks, and security breaches. Scary headlines about user data have become all too commonplace in our news feeds today. As a church, you want to feel confident you're handling sensitive information about your congregants with white gloves.
Rather than store data offsite in server farms (aka “the cloud”), some churches opt for an on-site server. But this actually makes your data less secure. The only thing keeping an onsite server safe is a locked door. Can you name every person who has ever had a key to that door? What about passwords left lying around on a sticky note?
Your church data deserves more protection than that.
The following are several reasons you can rest assured that your church’s data is safe in the cloud.
The "Cloud" is a real place with managed by cybersecurity experts.
At TouchPoint, we host your data on our own servers at Rackspace—a world-class, widely known data center. Our servers are located in their Chicago data center, where only authorized employees have physical access to the servers. Rackspace provides us (and you) with peace of mind in a couple of ways:
Privately Managed Cloud. Rackspace manages a set of dedicated servers for our account. We do not share any resources with any other Rackspace customer. We have two 16-processor servers, a firewall, and a load balancer in our managed cloud. Rackspace monitors all of our critical services and has 24/7 support.
Proactive Monitoring. Rackspace pro-actively monitors all of our hardware for potential problems. If a problem should occur, Rackspace responds quickly.
We've built in protective measures to keep your data safe.
When sensitive information is being shared, you want to be sure the right protections are in place. We’ve thought about these things and taken action to provide additional levels of security in the places you need them most. Here are a few key examples:
Secure Sockets Layer (SSL). We have a wildcard SSL certificate, which secures all traffic between our web server and your browser. This means that all data is encrypted over the wire, so no hacker can “sniff” your data and see what you’re sending and receiving. If you are sitting in Starbucks working on your church management system, you don’t have to worry about someone stealing important information over the network. *Important note: While this capability protects your information from being stolen over the network, it does not protect you from someone looking over your shoulder and seeing the information on your screen. The most dangerous and effective hackers do not use code or hardware to get your data—they use social hacking techniques like these.
Credit Card Data. TouchPoint provides integration with Sage Payments, Authorize.Net and TransNational to allow you to set up online giving and other fee-based registrations. We do not store any Credit Card or Bank Account information on our servers. A user can save his payment information but we put it in a secure Vault service through one of these gateways. We cannot see the information. All we can do is issue transactions on this saved payment data, via the gateway.
Social Security Numbers. Social security numbers are not accessible or stored in TouchPoint. The only time we ever store Social Security Numbers is when you do a background check using our integration with Protect My Ministry. Even then we encrypt the social security number in such a way that even with physical access to the database you would not be able to retrieve the actual number.